[postban.sh] new release

Questions and answers about how to do stuff
Post Reply
nicola.piazzi
Posts: 388
Joined: 23 Apr 2015 09:45

[postban.sh] new release

Post by nicola.piazzi »

This simple script scan incoming messages each minute,
Only if it found some spam in the last minute it rebuild the ip ban table and pass it to postfix.
this table tell to postfix to reject messages from spam ip, they are ip that recently sent spam without sending some ham

Put attached file postban.sh in a dir (example /batch/postban.sh)
chmod 777 /batch/postban.sh
Put in root cron a line that execute this script every minute :
* * * * * /batch/postban.sh > /dev/null
Modify your main.cf in postfix at this line like here and then postfix reload :
smtpd_client_restrictions = (OTHER YOUR PARAMETERS) check_client_access hash:/etc/postfix/postban_access
Set your ROOTPWD of your mysql server in postban.sh Parameters section
Set your RJMESSAGE in postban.sh Parameters section
Optionally set other parameters in postban.sh Parameters section
You can see working in /batch/postban.log
Attachments
postban.zip
(1.57 KiB) Downloaded 278 times
ovizii
Posts: 463
Joined: 11 May 2016 08:08

Re: [postban.sh] new release

Post by ovizii »

after double checking seems only this part is new from the last version: S0 - right?

Also, how do I edit this:

Code: Select all

"SELECT count(clientip) \                                                               FROM mailscanner.maillog \                                                                WHERE timestamp > DATE_SUB(now(), INTERVAL 1 MINUTE) \
if I only run my cron job say every 5 minutes as opposed to your setting of every minute?
nicola.piazzi
Posts: 388
Joined: 23 Apr 2015 09:45

Re: [postban.sh] new release

Post by nicola.piazzi »

The script run every 1 minute to catch immediately new spam attack
note that every minute it check for spam in the last minute, if no spam found it doesnt rebuild the table
ovizii
Posts: 463
Joined: 11 May 2016 08:08

Re: [postban.sh] new release

Post by ovizii »

as I said, my cron job runs every 5 minutes. But I have now changed it to every minute as you recommended.
wilbourne
Posts: 52
Joined: 22 Sep 2016 09:04

Re: [postban.sh] new release

Post by wilbourne »

in case in mailscanner indicates several IP address how does the script? is it blocks all the IP addresses? or only one?
ovizii
Posts: 463
Joined: 11 May 2016 08:08

Re: [postban.sh] new release

Post by ovizii »

wilbourne wrote:in case in mailscanner indicates several IP address how does the script? is it blocks all the IP addresses? or only one?
The script is self explaining, it extracts all IPs which correspond to the values you gave it then blocks all those IPs on MTA level.
wilbourne
Posts: 52
Joined: 22 Sep 2016 09:04

Re: [postban.sh] new release

Post by wilbourne »

thank's :lol:
Post Reply